Reverse engineering (RE) is the process of taking something (a device, an electrical component, a software program, etc.) apart and analyzing its workings in detail, usually with the intention of constructing a new device or program that does the same thing. Reverse engineering is often used by the military in order to copy the opponent's technology or classified information. Other purposes of reverse engineering include security auditing, removal of copy protection, circumvention of access restrictions often present in consumer electronics, and customization of embedded systems, for example engine management systems.
In reverse engineering, a hacker typically obtains a copy of the software (or firmware or hardware) and runs and debugs the software in an environment which the hacker controls. Techniques are available to automate the debugging process, and these techniques are being improved and will become more automatic. The software may be made more and more complex by scrambling the source code or scrambling the compiled binaries. However, if the software runs in an execution environment controlled by the hacker, the hacker may be able to extract the functionality no matter how scrambled the binaries or source code are. The software may also be compressed and encoded (encrypted). Of course, this software has to be decompressed and decrypted before it can actually be executed. At some point, the software has to be presented to the executing environment in a decompressed and decoded state in order to execute, and at this point, the software is vulnerable to capture by the hacker. Also, hackers may be able to break encryption and compression schemes. Software may also contain various code snippets to detect the presence of a debugger or a tracer and, when it detects the debugger or tracer, to take various defensive actions. These conventional security techniques, including the use of anti-debugging code, are also routinely defeated by the hacking community. Brute force methods may be used in reverse engineering of firmware and hardware.
There is a need for new, effective methods and systems for protecting software, firmware, and hardware from being obtained by a hostile party and/or being reverse-engineered.